Transparent Botnet Control for Smartphones over SMS. Georgia Weidman
|
|
- Philomena Washington
- 7 years ago
- Views:
Transcription
1 Transparent Botnet Control for Smartphones over SMS Georgia Weidman
2 Why Smartphone Botnets? Nearly 62 million smartphones sold in Q Development is similar to standard platforms Android = Linux iphone = OSX Windows Mobile = Windows Technical specs not as good as top of the line desktops. They are as good as the desktops you might have at work.
3 Why SMS C&C? Battery Management Fault Tolerant Always On Difficult for security researchers to monitor
4 How an SMS is sent and received
5 How an SMS is sent and received
6 How an SMS is sent and received
7 How an SMS is sent and received
8 Previous Work: SMS Fuzzing At Blackhat 2009, Charlie Miller & Collin Mulliner proxied the application layer and modem to crash smartphones with SMS.
9
10
11
12
13
14
15
16 Master Bot
17 Master Bot Handled by botherders Switched out regularly to avoid detection Prepay SIM Cards + Kleptomania Sends instructions to Sentinel Bots In charge of bot structure
18 Sentinel Bots
19 Sentinel Bots Several trustworthy long infected bots Receive instructions from master bot Pass on instructions to a set of slave bots
20 Slave Bots
21 Slave Bots Receive instructions from sentinel bots Carry out botnet payload functionality (DDOS, SPAM, etc.)
22 Robustness Master Bot: May change device, platform, SIM at will Prepaid phones are difficult to track Has knowledge of all active bots Sentinel Bots: Reserved for long time bots The only bots that interact directly with the master Master may promote any slave when needed Slave Bots: A compromise results in at most finding the identity of a single sentinel
23 Security Concerns Impersonation: Use cryptographic keys to authenticate master bot and sentinel bots Replay: SMS timestamps Sequence number One time keys
24 SMS-Deliver PDU F1040B F A0AE8329BFD4697D9EC37 Field Value Length of SMSC 07 Type of Address (SMSC) 91 Service Center Address (SMSC) F1 SMS Deliver Info 04 Length of Sender Number 0B Type of Sender Number 91 Sender Number F1 Protocol Identifier 00 Data Coding Scheme 00 Time Stamp A User Data Length 0A User Data E8 32 9B FD D9 EC 37
25 SMS-Deliver PDU F1040B F A0AE8329BFD4697D9EC37 Field Length of SMSC 07 Type of Address (SMSC) 91 Service Center Address (SMSC) SMS Deliver Info 04 Length of Sender Number F1 0B Type of Sender Number 91 Sender Number Protocol Identifier 00 Data Coding Scheme 00 Time Stamp User Data Length F1 Value A User Data E8 32 9B FD D9 EC 37 0A
26 How It Works 1. Bot Receives Message 2. Bot Decodes User Data 3. Bot Checks for Bot Key 4. Bot Performs Payload Functionality
27 How It Works 1. Bot Receives Message Bot receives all communication from modem If SMS (code CMT) continue analysis If not SMS pass up to user space 2. Bot Decodes User Data 3. Bot Checks for Bot Key 4. Bot Performs Payload Functionality
28 How It Works 1. Bot Receives Message 2. Bot Decodes User Data Moves through PDU to User Data Decode 7 bit GSM to plaintext 3. Bot Checks for Bot Key 4. Bot Performs Payload Functionality
29 How It Works 1. Bot Receives Message 2. Bot Decodes User Data 3. Bot Checks for Bot Key Bot checks for secret key in message If bot message continue analysis If not bot message pass to user space 4. Bot Performs Payload Functionality
30 How It Works 1. Bot Receives Message 2. Bot Decodes User Data 3. Bot Checks for Bot Key 4. Bot Performs Payload Functionality Bot reads functionality request in message If found perform functionality If not found fail silently
31 Getting The Bot Installed Regular Users: App + Local Root Exploit (Sendpage etc.) Example: John Oberheide's Twilight Android Botnet Defcon Skytalks 2010 Root-level/Jailbroken Users: Root level app using proxy function for AWESOME + Bot Remote: Remote root exploit (rooted and nonrooted) Example: ikee-b Duh Worm for iphone
32 Example Payloads Spam Creating SMS-Send PDUs and passing them to the modem Example: SMS ads DDOS Millions of smartphones vs. a server Loading New Functionality Send URL in payload Download the module into known payloads
33 Parallel Research: iphone Base Code Rise of the ibots: Owning a Telco Network Collin Mulliner and Jean-Pierre Seifert SMS and P2P smartphone botnets
34 DEMO : ) Android Bot with SMS Spam Payload Released code has the bot without payloads (have fun)
35 Thanks To Mom for helping me master character arrays in c.
36 Contact Georgia Weidman Website:
Smartphone Botnets. Berlin Institute of Technology FG Security in Telecommunications SPRING 2010
Berlin Institute of Technology FG Security in Telecommunications Smartphone Botnets SPRING 2010 Weiss Collin Mulliner, July 7 th 2010 collin@sec.t-labs.tu-berlin.de Agenda Introduction Motivation Project
More informationNow SMS/MMS Android Modem Quick Start Guide
Now SMS/MMS Android Modem Quick Start Guide Using a GSM modem, or an Android phone as a modem, is a quick and efficient way to get started with SMS and/or MMS applications. No special service provider
More informationAnti-Spyware Analysis for ios: An Evaluation of Current Security Products Available for ios
Anti-Spyware Analysis for ios: An Evaluation of Current Security Products Available for ios Carlos Gonzalez, Bill Stackpole, and Tae Oh Abstract Mobile devices and their operating systems are ubiquitous
More informationSecure Your Mobile Workplace
Secure Your Mobile Workplace Sunny Leung Senior System Engineer Symantec 3th Dec, 2013 1 Agenda 1. The Threats 2. The Protection 3. Q&A 2 The Mobile Workplaces The Threats 4 Targeted Attacks up 42% in
More informationLearning Management Redefined. Acadox Infrastructure & Architecture
Learning Management Redefined Acadox Infrastructure & Architecture w w w. a c a d o x. c o m Outline Overview Application Servers Databases Storage Network Content Delivery Network (CDN) & Caching Queuing
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationBBM Protected: Secure enterprise- GrAde MoBIle MeSSAGING
BBM Protected: Secure ENTERPRISE- GRADE mobile messaging All the benefits of BBM with the security of enterprise-grade encryption BBM Protected allows employees to take advantage of the speed, reliability
More informationAgenda. Taxonomy of Botnet Threats. Background. Summary. Background. Taxonomy. Trend Micro Inc. Presented by Tushar Ranka
Taxonomy of Botnet Threats Trend Micro Inc. Presented by Tushar Ranka Agenda Summary Background Taxonomy Attacking Behavior Command & Control Rallying Mechanisms Communication Protocols Evasion Techniques
More informationSHORT MESSAGE SERVICE SECURITY
SHORT MESSAGE SERVICE SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationOver-the-Air Cross-platform Infection for Breaking mtan-based Online Banking Authentication
Over-the-Air Cross-platform Infection for Breaking mtan-based Online Banking Authentication Alexandra Dmitrienko Fraunhofer Institute for Secure Information Technology/CASED, Germany Joint work with Lucas
More informationThe power of root on Android emulators
The power of root on Android emulators Command line tooling for Android Development Gabe Martin LinuxFest Northwest 2013 10:00 AM to 10:50 AM, CC 239 Welcome Describe alternative title Questions can be
More informationDirty use of USSD codes in cellular networks
.. Dirty use of USSD codes in cellular networks Ravishankar Borgaonkar Security in Telecommunications, Technische Universität Berlin TelcoSecDay, Heidelberg, 12th March 2013 Agenda USSD codes and services
More informationDistributed Systems. Distributed Systems
Distributed Systems Prof. Steve Wilbur Department of Computer Science University College London 1 Distributed Systems... use of more than one computer connected by communications links to carry out a computational
More informationSecurity A to Z the most important terms
Security A to Z the most important terms Part 1: A to D UNDERSTAND THE OFFICIAL TERMINOLOGY. This is F-Secure Labs. Learn more about the most important security terms with our official explanations from
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More information(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation
(U)SimMonitor: A New Malware that Compromises the Security of Cellular Technology and Allows Security Evaluation DR. C. NTANTOGIAN 1, DR. C. XENAKIS 1, DR. G. KAROPOULOS 2 1 DEPT. O F DIGITAL SYST EMS,
More informationCloud Based Secure Web Gateway
Cloud Based Secure Web Gateway DR160203 March 2016 Miercom www.miercom.com Contents Executive Summary... 3 Introduction... 4 Product Tested... 4 Test Focus... 4 How We Did It... 5 Test Bed Setup... 5 Test
More informationMobile Security. Practical attacks using cheap equipment. Business France. Presented the 07/06/2016. For. By Sébastien Dudek
Mobile Security Practical attacks using cheap equipment Presented the 07/06/2016 Business France By Sébastien Dudek For Content Security measures Recent publications in the hacking community Practical
More informationSecurity from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.
eblvd enables secure, cloud-based access to a PC or server over the Internet. Data, keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, yielding "as good as
More informationLinux Web Based VPN Connectivity Details and Instructions
Linux Web Based VPN Connectivity Details and Instructions UMDNJ s Web-based VPN utilizes an SSL Based Cisco Application that provides VPN functionality without having to install a full client for end users
More informationSHARPCLOUD SECURITY STATEMENT
SHARPCLOUD SECURITY STATEMENT Summary Provides details of the SharpCloud Security Architecture Authors: Russell Johnson and Andrew Sinclair v1.8 (December 2014) Contents Overview... 2 1. The SharpCloud
More informationMobile NFC 101. Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited
Mobile NFC 101 Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited Company Lateral Security (IT) Services Limited Company Overview Founded in April 2008
More informationChapter 17. Transport-Level Security
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
More informationSecurity Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
More informationIJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN: 2320-8791 www.ijreat.
Intrusion Detection in Cloud for Smart Phones Namitha Jacob Department of Information Technology, SRM University, Chennai, India Abstract The popularity of smart phone is increasing day to day and the
More informationConducting Virtual Meetings
Page 1 oovoo Chat & Video Conferencing Information gathered by, International Faculty 2013 Faculty Training General Information What can I do with oovoo? oovoo offers free high quality video chat and instant
More informationIKEE.B. An analysis of the IKEE.B iphone Bot. Hassen Saidi (hassen.saidi@sri.com) Computer Science Laboratory
IKEE.B An analysis of the IKEE.B iphone Bot Hassen Saidi (hassen.saidi@sri.com) Computer Science Laboratory Use of the Internet Page 2 Use of Mobile Phones Page 3 The Growth of a Network Page 4 The Growth
More informationLab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace
Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:
More informationSecure software updates for ITS communications devices
Secure software updates for ITS communications devices - International Standardization Activity in ITU-T SG17 - Masashi Eto, Senior researcher, Cybersecurity laboratory, Network security research institute,
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationInjecting SMS Messages into Smart Phones for Security Analysis
Injecting SMS Messages into Smart Phones for Security Analysis Collin Mulliner Deutsche Telekom Laboratories/ TU-Berlin collin@sec.t-labs.tu-berlin.de Charlie Miller Independent Security Evaluators cmiller@securityevaluators.com
More informationStorgrid EFS Access all of your business information securely from any device
Datasheet Storgrid EFS Access all of your business information securely from any device September 2014 2014 STORGRID International Holding BV. This document is created with the utmost care. To prevent
More informationFuzzing the Phone in your Phone (Black Hat USA 2009)
Fuzzing the Phone in your Phone (Black Hat USA 2009) Collin Mulliner TU-Berlin / T-Labs collin@sec.t-labs.tu-berlin.de Charlie Miller Independent Security Evaluators cmiller@securityevaluators.com June
More informationBotnets. Botnets and Spam. Joining the IRC Channel. Command and Control. Tadayoshi Kohno
CSE 490K Lecture 14 Botnets and Spam Tadayoshi Kohno Some slides based on Vitaly Shmatikov s Botnets! Botnet = network of autonomous programs capable of acting on instructions Typically a large (up to
More informationTowards Automated Botnet Detection and Mitigation
Towards Automated Botnet Detection and Mitigation Stopping the Root Cause of Spam Pi1 - Laboratory for Dependable Distributed Systems Outline Motivation Tools & techniques for botnet detection nepenthes
More informationA new Secure Remote Access Platform from Giritech. Page 1
A new Secure Remote Access Platform from Giritech Page 1 Remote users have preferences G/On 5 works for Windows, Mac and Linux The G/On Client user experience is specific to the operating system Users
More informationSecureCom Mobile s mission is to help people keep their private communication private.
About SecureCom Mobile SecureCom Mobile s mission is to help people keep their private communication private. We believe people have a right to share ideas with each other, confident that only the intended
More informationSophos Mobile Control as a Service Startup guide. Product version: 3.5
Sophos Mobile Control as a Service Startup guide Product version: 3.5 Document date: August 2013 Contents 1 About this guide...3 2 What are the key steps?...4 3 First login...5 4 Change your administrator
More informationCOPY9 USER GUIDE for iphone
COPY9 USER GUIDE for iphone Installation for iphone Devices Welcome to the installation page for your iphone. Copy9 is ONLY compatible with ANY jailbroken iphone 3G, 3GS, 4, iphone 4S, ipad at least 3.1.3
More informationLab Exercise SSL/TLS. Objective. Requirements. Step 1: Capture a Trace
Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:
More informationCopyright Copyright 2014 SerVision Ltd. All Rights Reserved.
Applliicatiion Sollutiion MONITORING STATIONARY SITES Usiing SerViisiion Viideo Gateways to Moniitor Fiixed Siites wiith Preexiistiing Cablled Networkiing IInfrastructure Copyright Copyright 2014 SerVision
More informationThe Shift to Wireless Data Communication
The Shift to Wireless Data Communication Choosing a Cellular Solution for Connecting Devices to a WWAN Dana Lee, Senior Product Manager dana.lee@moxa.com Recent developments in the wireless and industrial
More informationHacking Android for fun & profit
Hacking Android for fun & profit Nuit du Hack 2011 Plan (1/3) Android System Features Permissions API & SDK Debugging mode Overt & covert channels Overt channels overview Covert channels overview Lick
More informationMobile Application Hacking for Android and iphone. 4-Day Hands-On Course. Syllabus
Mobile Application Hacking for Android and iphone 4-Day Hands-On Course Syllabus Android and iphone Mobile Application Hacking 4-Day Hands-On Course Course description This course will focus on the techniques
More informationAssessing BYOD with the Smarthpone Pentest Framework. Georgia Weidman
Assessing BYOD with the Smarthpone Pentest Framework Georgia Weidman BYOD Is Not New Contractor Laptop Rogue Access Point Gaming Console Tradi>onal Vulnerability Scanning The iphone in Ques>on Is
More informationSecurity Threats for Mobile Platforms
Security Threats for Mobile Platforms Goran Delac Faculty of Electrical Engineering and Computing, University of Zagreb, Zagreb, Croatia Abstract - The proliferation of smart-phone devices, with ever advancing
More informationNokia E90 Communicator Using WLAN
Using WLAN Nokia E90 Communicator Using WLAN Nokia E90 Communicator Using WLAN Legal Notice Nokia, Nokia Connecting People, Eseries and E90 Communicator are trademarks or registered trademarks of Nokia
More informationBOMGAR.COM BOMGAR VS. GOTOASSIST UPDATED: 9/8/2015
BOMGAR.COM BOMGAR VS. GOTOASSIST UPDATED: 9/8/2015 Bomgar VS. GoToAssist LICENSING & DEPLOYMENT The proliferation of solutions has undoubtedly provided certain advantages for organizations seeking alternatives
More informationE-commerce. business. technology. society. Kenneth C. Laudon Carol Guercio Traver. Second Edition. Copyright 2007 Pearson Education, Inc.
Copyright 2007 Pearson Education, Inc. Slide 5-1 E-commerce business. technology. society. Second Edition Kenneth C. Laudon Carol Guercio Traver Copyright 2007 Pearson Education, Inc. Slide 5-2 Chapter
More informationAccess Your Cisco Smart Storage Remotely Via WebDAV
Application Note Access Your Cisco Smart Storage Remotely Via WebDAV WebDAV (Web-based Distributed Authoring and Versioning), is a set of extensions to the HTTP(S) protocol that allows a web server to
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationIntelligent Database Monitoring System using ARM9 with QR Code
Intelligent Database Monitoring System using ARM9 with QR Code Jyoshi Niklesh 1, Dhruva R. Rinku 2 Department of Electronics and Communication CVR College of Engineering, JNTU Hyderabad Hyderabad, India
More informationLinux Server Support by Applied Technology Research Center. Proxy Server Configuration
Linux Server Support by Applied Technology Research Center Proxy Server Configuration We configure squid for your LAN. Including transparent for HTTP and proxy for HTTPS. We also provide basic training
More informationTutorial on Smartphone Security
Tutorial on Smartphone Security Wenliang (Kevin) Du Professor wedu@syr.edu Smartphone Usage Smartphone Applications Overview» Built-in Protections (ios and Android)» Jailbreaking and Rooting» Security
More informationDigital Audio and Video Data
Multimedia Networking Reading: Sections 3.1.2, 3.3, 4.5, and 6.5 CS-375: Computer Networks Dr. Thomas C. Bressoud 1 Digital Audio and Video Data 2 Challenges for Media Streaming Large volume of data Each
More informationTrusler i Web- og Mobilkanalen Audun Jøsang
Trusler i Web- og Mobilkanalen Audun Jøsang Mobil apps sikkerhet seminar IT Fornebu Torsdag 28 April 2011 1 Norwegian Terms English Norwegian Security Safety Certainty Sikkerhet Trygghet Visshet Good Security
More informationThe Mobile Security Challenge: Opportunities & Issues Matthew Young, Security Programs Manager
The Mobile Security Challenge: Opportunities & Issues Matthew Young, Security Programs Manager Mobility -we have come a long way and where is it going? Image: Word Press Mobility To achieve mobility, two
More informationThe Secure Sockets Layer (SSL)
Due to the fact that nearly all businesses have websites (as well as government agencies and individuals) a large enthusiasm exists for setting up facilities on the Web for electronic commerce. Of course
More informationBBM Protected Secure mobile
BBM Protected Secure mobile messaging All the benefits of BBM with the security of enterprise-grade encryption BBM Protected allows employees to take advantage of the speed, reliability and privacy of
More informationApache Milagro (incubating) An Introduction ApacheCon North America
Apache Milagro (incubating) An Introduction ApacheCon North America Apache Milagro will establish a new independent security framework for the Internet A Distributed Cryptosystem Secure the Future of the
More informationEFFECTIVE QUERY RETRIEVAL SYSTEM IN MOBILE BUSINESS ENVIRONMENT
EFFECTIVE QUERY RETRIEVAL SYSTEM IN MOBILE BUSINESS ENVIRONMENT 1 R.Sivaraman, 2 RM.Chandrasekaran 1 Dy.Director, Center for Convergence of Technologies (CCT), Anna University Tiruchirappalli, Tiruchirappalli,
More informationSmart Anytime, Safe Anywhere. Climax Home Portal Platform. Envisage and Enable a Connected Future
Smart Anytime, Safe Anywhere Climax Home Portal Platform Envisage and Enable a Connected Future Climax Home Portal Platform An IP/GPRS-Based Solution to Deliver Smart Home and Mobile Control Services Reliable
More informationAbsolute Backdoor Revisited. Vitaliy Kamlyuk, Kaspersky Lab Sergey Belov, Kaspersky Lab Anibal Sacco, Cubica Labs
Absolute Backdoor Revisited Vitaliy Kamlyuk, Kaspersky Lab Sergey Belov, Kaspersky Lab Anibal Sacco, Cubica Labs BlackHat, Las Vegas August, 2014 What is Computrace? Computrace is an Anti-Theft software
More informationDownloading Electro Scan Smartphone App From Google Play* * Previously known as The Android Market
Downloading Electro Scan Smartphone App From Google Play* * Previously known as The Android Market Hello and Welcome to Electro Scan s Next Generation in Leak Detection Before you begin, please make sure
More informationInternational Journal of Computing and Business Research (IJCBR)
AN INVESTIGATION OF GSM ARCHITECTURE AND OVERLAYING WITH EFFICIENT SECURITY PROTOCOL Karun Madan, Surya World Institute of Engg. & Technology, Rajpura, Punjab ABSTRACT The Global System for Mobile Communications
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationBluetooth Low Energy Client Module Out of Box Setup Guide Version 1.0.0
Out of Box Setup Guide Version 1.0.0 Martin Bowman Applications Engineer Released 2015-12-14 Contents 1 IoT BLECM Development Kit 2 1.1 Out of the box setup......................................... 2 2
More informationNetwork Management. Jaakko Kotimäki. Department of Computer Science Aalto University, School of Science. 21. maaliskuuta 2016
Jaakko Kotimäki Department of Computer Science Aalto University, School of Science Outline Introduction SNMP architecture Management Information Base SNMP protocol Network management in practice Niksula
More informationInternational Journal of Computing and Business Research (IJCBR) INSECURE GSM NETWORK AND SECURITY SOLUTIONS FOR MOBILE BANKING
INSECURE GSM NETWORK AND SECURITY SOLUTIONS FOR MOBILE BANKING Karun Madan, Surya World Institute of Engg. & Technology, Rajpura, Punjab ABSTRACT Out of the many revolutions in the current world, mobile
More informationAttacking SMS. BlackHat USA 2009. RingZero https://luis.ringzero.net
Attacking SMS BlackHat USA 2009 Zane Lackey (zane@isecpartners.com) Luis Miras (luis@ringzero.net) Agenda SMS Background Overview SMS in mobile security Testing Challenges Attack Environment Attacks Implementation
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationDTR Business Systems, Inc. Rene Beltran
DTR Business Systems, Inc. Rene Beltran Established 1983 Provide on premise and off premise server based technology for Small Business users. Provide hardware, network and operating systems support for
More informationBYOD and Its Impact on IT. Making it easy to deploy, integrate and manage Macs, iphones and ipads in a Windows environment
BYOD and Its Impact on IT Making it easy to deploy, integrate and manage Macs, iphones and ipads in a Windows environment BYOD and IT D means Apple products Macs iphones ipads Android phones IT means Microsoft
More informationExploiting Fundamental Weaknesses in Command and Control (C&C) Panels
Exploiting Fundamental Weaknesses in Command and Control (C&C) Panels What Goes Around Comes Back Around! Aditya K Sood Senior Security Researcher and Engineer 1 Dr. Aditya K Sood About the Speaker! Senior
More informationUNDERSTANDING SMS: Practitioner s Basics
UNDERSTANDING SMS: Practitioner s Basics Michael Harrington, CFCE, EnCE It is estimated that in 2006, 72% of all mobile phone users world wide were active users of SMS or text messaging. In European countries
More informationMachine Problem 3 (Option 1): Mobile Video Chat
Machine Problem 3 (Option 1): Mobile Video Chat CS414 Spring 2011: Multimedia Systems Instructor: Klara Nahrstedt Posted: Apr 4, 2011 Due: 11:59pm Apr 29, 2011 Introduction You may have heard that Apple
More informationProtocol Security Where?
IPsec: AH and ESP 1 Protocol Security Where? Application layer: (+) easy access to user credentials, extend without waiting for OS vendor, understand data; (-) design again and again; e.g., PGP, ssh, Kerberos
More informationE-Mail: SupportCenter@uhcl.edu Phone: 281-283-2828 Fax: 281-283-2969 Box: 230 http://www.uhcl.edu/uct
A VPN (Virtual Private Network) provides a secure, encrypted tunnel from your computer to UHCL's network when off campus. UHCL offers VPN software to allow authenticated, secure access to many UHCL resources
More informationComputer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
More informationDetecting Bots with Automatically Generated Network Signatures
Detecting Bots with Automatically Generated Network Signatures Peter Wurzinger, Leyla Bilge, Thorsten Holz, Jan Goebel, Christopher Kruegel, Engin Kirda,, {pw,tho}@seclab.tuwien.ac.at Institute Eurecom,
More informationPersonalised icalendar Teaching Timetable Feed for Staff and Students
IT user guide Personalised icalendar Teaching Timetable Feed for Staff and Students Contents... 1 Personalised icalendar Teaching Timetable Feed for Staff and Students... 1 1 About the service... 1 2 How
More information@msecnet / www.m-sec.net. Bogdan ALECU
Business logic flaws in mobile operators services Bogdan Alecu About me Independent security researcher Sysadmin Passionate about security, specially when it s related to mobile devices; started with NetMonitor
More informationNokia and Nokia Connecting People are registered trademarks of Nokia Corporation
Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation Nokia E70 Configuring connection settings Nokia E70 Configuring connection settings Legal Notice Copyright Nokia 2006. All
More informationBotNets- Cyber Torrirism
BotNets- Cyber Torrirism Battling the threats of internet Assoc. Prof. Dr. Sureswaran Ramadass National Advanced IPv6 Center - Director Why Talk About Botnets? Because Bot Statistics Suggest Assimilation
More informationTop Ten Web Attacks. Saumil Shah Net-Square. BlackHat Asia 2002, Singapore
Top Ten Web Attacks Saumil Shah Net-Square BlackHat Asia 2002, Singapore TodayÕs battleground Ð the Web Web sites and web applications rapidly growing. Complex business applications are now delivered over
More informationInternet Self Service FAQs
Internet Self Service FAQs General Questions... 2 What is Mobile Banking? 2 Is Mobile Banking secure? 2 Is my personal or financial information stored on my phone? 3 Are there fees to use Mobile Banking?
More informationThe full setup includes the server itself, the server control panel, Firebird Database Server, and three sample applications with source code.
Content Introduction... 2 Data Access Server Control Panel... 2 Running the Sample Client Applications... 4 Sample Applications Code... 7 Server Side Objects... 8 Sample Usage of Server Side Objects...
More informationTechnical documentation
Technical documentation HTTP Application Programming Interface SMPP specifications Page 1 Contents 1. Introduction... 3 2. HTTP Application Programming Interface... 4 2.1 Introduction... 4 2.2 Submitting
More informationWorldwide attacks on SS7 network
Worldwide attacks on SS7 network P1 Security Hackito Ergo Sum 26 th April 2014 Pierre-Olivier Vauboin (po@p1sec.com) Alexandre De Oliveira (alex@p1sec.com) Agenda Overall telecom architecture Architecture
More informationBillion Dollar Botnets:
Billion Dollar Botnets: An Examination of the Current Trend in Android Botnets Cathal Mullaney Senior Software Engineer @threatintel Symantec Security Response 1 Presentation agenda 1 2 Android botnets
More informationA SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS. N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1
A SECURITY ARCHITECTURE FOR AGENT-BASED MOBILE SYSTEMS N. Borselius 1, N. Hur 1, M. Kaprynski 2 and C.J. Mitchell 1 1 Royal Holloway, University of London 2 University of Strathclyde ABSTRACT Future mobile
More informationCHECK POINT Mobile Security Revolutionized. [Restricted] ONLY for designated groups and individuals
CHECK POINT Mobile Security Revolutionized [Restricted] ONLY for designated groups and individuals 2014 Check Point Software Technologies Ltd. 1 Rapidly Expanding Mobile Threats MOBILE THREATS are ESCALATING
More informationPractical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security
Practical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security March 14, 2013 About: Daniel Security researcher for almost a decade
More informationSecure Email Frequently Asked Questions
Secure Email Frequently Asked Questions Frequently Asked Questions Contents General Secure Email Questions and Answers Forced TLS Questions and Answers SecureMail Questions and Answers Glossary Support
More informationFairsail REST API: Guide for Developers
Fairsail REST API: Guide for Developers Version 1.02 FS-API-REST-PG-201509--R001.02 Fairsail 2015. All rights reserved. This document contains information proprietary to Fairsail and may not be reproduced,
More informationCopyright 2005-2007 MyPW LLC.
Simple & Secure Authentication It's common knowledge that most people use the same or similar passwords wherever they have an online account. Because of this, it can only take one security breach for Identity
More informationREGULATORY ADVISORY 14 FEBRUARY 2014
REGULATORY ADVISORY OFAC AMENDS AND EXPANDS GENERAL LICENSE AUTHORIZING EXPORTS TO IRAN FOR PERSONAL COMMUNICATIONS Kent Bressie & Danielle Piñeres On February 7, 2014, the U.S. Department of the Treasury
More informationWeb server botnets and hosting farms as attack platforms
Web server botnets and hosting farms as attack platforms Gadi Evron Beyond Security defcon 15, 2007 About me Who I am.. What do I do.. Where do I work.. Regular malware Often Platform specific (Architecture,
More informationCLEO Remote Access Services CLEO Remote Desktop Access User Guide v1.3
CLEO ~Remote Access Services Remote Desktop Access User guide CLEO Remote Access Services CLEO Remote Desktop Access User Guide v1.3 August 2007 page 1 of 16 CLEO 2007 CLEO Remote Access Services 3SGD
More informationManaging ios Devices. Andrew Wellington Division of Information The Australian National University XW11
Managing ios Devices Andrew Wellington Division of Information The Australian National University About Me Mac OS X Systems Administrator Division of Information (Central IT) Mostly manage servers (about
More information